docker.io/portainer/agent:2.39.4 linux/amd64

docker.io/portainer/agent:2.39.4 - Trivy安全扫描结果 扫描时间: 2026-07-08 10:24
全部漏洞信息
低危漏洞:1 中危漏洞:7 高危漏洞:12 严重漏洞:0

系统OS: 扫描引擎: Trivy 扫描时间: 2026-07-08 10:24

app/agent (gobinary)
低危漏洞:1 中危漏洞:7 高危漏洞:12 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
github.com/containerd/containerd CVE-2026-53488 高危 v1.7.32 1.7.33 github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53488

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 02:17 修改: 2026-07-03 04:17

github.com/containerd/containerd/v2 CVE-2026-53488 高危 v2.2.4 2.0.10, 2.1.9, 2.2.5, 2.3.2 github.com/containerd/containerd: containerd: Host-root command execution via unvalidated image config labels in CRI plugin

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53488

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 02:17 修改: 2026-07-03 04:17

github.com/containerd/containerd/v2 CVE-2026-53489 高危 v2.2.4 2.1.9, 2.2.5, 2.3.2 github.com/containerd/containerd: containerd: Arbitrary host file read via symlink following in CRI checkpoint restore

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53489

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33

github.com/containerd/containerd/v2 CVE-2026-53492 高危 v2.2.4 2.1.9, 2.2.5, 2.3.2 github.com/containerd/containerd: containerd: Security bypass via Container Device Interface (CDI) annotation smuggling during checkpoint restoration.

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-53492

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:33

github.com/docker/cli CVE-2025-15558 高危 v28.5.1+incompatible 29.2.0 docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries

漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15558

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-03-04 17:16 修改: 2026-06-30 03:16

github.com/docker/docker CVE-2026-34040 高危 v28.5.1+incompatible 29.3.1 Moby: Moby: Authorization bypass vulnerability

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34040

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-03-31 03:15 修改: 2026-06-17 10:38

github.com/docker/docker CVE-2026-41567 高危 v28.5.1+incompatible docker: Moby/Docker Engine: Arbitrary Code Execution via malicious container image and compressed archive upload

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41567

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-06-05 02:17 修改: 2026-07-06 13:16

github.com/docker/docker CVE-2026-42306 高危 v28.5.1+incompatible Moby is an open source container framework. In Docker Engine prior to ...

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42306

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:47

github.com/moby/buildkit CVE-2026-33747 高危 v0.25.1 0.28.1 BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33747

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-03-27 01:16 修改: 2026-06-17 10:38

github.com/moby/buildkit CVE-2026-33748 高危 v0.25.1 0.28.1 github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33748

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-03-27 15:16 修改: 2026-06-17 10:38

oras.land/oras-go/v2 CVE-2026-50151 高危 v2.6.0 2.6.1 oras-go blob upload vulnerable to credential forwarding via unvalidated Location header

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50151

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

oras.land/oras-go/v2 CVE-2026-50163 高危 v2.6.0 `oras-go` tar extraction: Hardlink entry with relative Linkname escapes extract dir via process CWD resolution

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50163

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

github.com/docker/docker CVE-2026-41568 中危 v28.5.1+incompatible github.com/docker/docker: github.com/moby/moby: Moby: Denial of Service via race condition in docker cp mount setup

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41568

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-06-12 19:16 修改: 2026-06-17 10:46

github.com/containerd/containerd/v2 CVE-2026-47262 中危 v2.2.4 2.0.10, 2.1.9, 2.2.5, 2.3.2 github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47262

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:40

github.com/containerd/containerd/v2 CVE-2026-50195 中危 v2.2.4 2.1.9, 2.2.5, 2.3.2 github.com/containerd/containerd: containerd: Arbitrary code execution via CRI checkpoint image tag poisoning

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50195

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:43

github.com/containerd/containerd CVE-2026-47262 中危 v1.7.32 1.7.33 github.com/containerd/containerd: containerd: Denial of Service via maliciously crafted image leading to unbounded group parsing

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-47262

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 19:16 修改: 2026-07-02 19:40

github.com/docker/docker CVE-2026-33997 中危 v28.5.1+incompatible 29.3.1 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33997

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-03-31 03:15 修改: 2026-06-30 03:18

oras.land/oras-go/v2 CVE-2026-50162 中危 v2.6.0 2.6.1 oras-go has file store write outside workingDir via symlink traversal

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-50162

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

oras.land/oras-go/v2 GHSA-vh4v-2xq2-g5cg 中危 v2.6.0 2.6.1 ORAS Go forwards registry credentials across registry redirects

漏洞详情: https://github.com/advisories/GHSA-vh4v-2xq2-g5cg

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 2026-07-01 21:54 修改: 2026-07-01 21:54

oras.land/oras-go/v2 CVE-2026-48978 低危 v2.6.0 2.6.1 oras-go: Malicious registry can hijack Bearer token realm to exfiltrate credentials and refresh tokens

漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48978

镜像层: sha256:c4c08a8da713f478299f72fc23b4278df95b30dd93ef577fd80865731efeff34

发布日期: 0001-01-01 00:00 修改: 0001-01-01 00:00

app/docker-credential-portainer (gobinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
app/healthy (gobinary)
低危漏洞:0 中危漏洞:0 高危漏洞:0 严重漏洞:0
软件包 漏洞 安全状态 安装版本 修复版本 漏洞信息
检测到您正在使用广告拦截插件,本站为公益站点,依赖广告维持运转 🙏 查看如何关闭 ×